• Journal of KIISE
• /
• v.45 no.3
• /
• pp.294-302
• /
• 2018

With the emergence of the new service industry due to the development of information and communication technology, cyber space risks such as personal information infringement and industrial confidentiality leakage have diversified, and the security problem has emerged as a critical issue. In this paper, we propose a behavior-based anomaly detection method that is suitable for real-time and large-volume data analysis technology. We show that the proposed detection method is superior to existing signature security countermeasures that are based on large-capacity user log data according to in-company personal information abuse and internal information leakage. As the proposed behavior-based anomaly detection method requires a technique for processing large amounts of data, a real-time search engine is used, called Elasticsearch, which is based on an inverted index. In addition, statistical based frequency analysis and preprocessing were performed for data analysis, and the DBSCAN algorithm, which is a density based clustering method, was applied to classify abnormal data with an example for easy analysis through visualization. Unlike the existing anomaly detection system, the proposed behavior-based anomaly detection technique is promising as it enables anomaly detection analysis without the need to set the threshold value separately, and was proposed from a statistical perspective.

• Information Systems Review
• /
• v.20 no.1
• /
• pp.99-114
• /
• 2018

Technical measures for computer security are essential, but they are not a sufficient condition for security. Therefore, a personal approach to user's security behavior should be developed. Personality, which is a human aspect, is a behavioral characteristic that characterizes each individual and facilitates prediction of how an individual will behave in certain situations. Protection motivation theory has been used extensively in the security research on human behavior. The present study discusses how protection motivation was formed from personality traits. Thus, organizations can refer the result of this study for their HRD and HRM concerns.

• Management & Information Systems Review
• /
• v.35 no.1
• /
• pp.207-233
• /
• 2016

Currently mobile messenger industry, based on mobile application, is growing. And it has aroused innovative change, offering services in various forms beyond the form simply sharing messengers. Also because messenger securities are becoming personalized and intelligent, the importance of more diverse mobile applications' securities is increasing. This study carries out the empirical study of the causal relationship that the factors of using application services influence on security recognition and security Intention of mobile securities, and consequentially impact upon protection of personal information of users. In order that, we present the research model which prime variables of SDT, which emphasized on natural immanent motivation of human, applied to. To verify the research model of this study empirically, we conducted a survey targeting the public and university students which have ever used mobile messenger applications. With this, we desire to contribute to emphasizing the significance of individual messenger security and playing a positive role to develop security guide for consumers. The path analysis results are as follows. First, perceived autonomy has a positive effect on both security awareness and security intention. Second, perceived competence has a positive effect on security intention. Third, perceived relatedness has a positive effect on both security awareness and security intention. Last, security awareness and security intention. have a positive effect on privacy protection behavior. Through emphasizing the importance of the security of the messenger of individuals and contribute to a positive role for development of the necessary security guidelines to consumers.

• Journal of Information Processing Systems
• /
• v.19 no.6
• /
• pp.767-777
• /
• 2023

In modern society, user privacy is emerging as an important issue as closed-circuit television (CCTV) systems increase rapidly in various public and private spaces. If CCTV cameras monitor sensitive areas or personal spaces, they can infringe on personal privacy. Someone's behavior patterns, sensitive information, residence, etc. can be exposed, and if the image data collected from CCTV is not properly protected, there can be a risk of data leakage by hackers or illegal accessors. This paper presents an innovative approach to "machine learning based reversible chaotic masking method for user privacy protection in CCTV environment." The proposed method was developed to protect an individual's identity within CCTV images while maintaining the usefulness of the data for surveillance and analysis purposes. This method utilizes a two-step process for user privacy. First, machine learning models are trained to accurately detect and locate human subjects within the CCTV frame. This model is designed to identify individuals accurately and robustly by leveraging state-of-the-art object detection techniques. When an individual is detected, reversible chaos masking technology is applied. This masking technique uses chaos maps to create complex patterns to hide individual facial features and identifiable characteristics. Above all, the generated mask can be reversibly applied and removed, allowing authorized users to access the original unmasking image.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.12
• /
• pp.4909-4926
• /
• 2020

Cyberattacks penetrate the server and perform various malicious acts such as stealing confidential information, destroying systems, and exposing personal information. To achieve this, attackers perform various malicious actions by infecting endpoints and accessing the internal network. However, the current countermeasures are only anti-viruses that operate in a signature or pattern manner, allowing initial unknown attacks. Endpoint Detection and Response (EDR) technology is focused on providing visibility, and strong countermeasures are lacking. If you fail to respond to the initial attack, it is difficult to respond additionally because malicious behavior like Advanced Persistent Threat (APT) attack does not occur immediately, but occurs over a long period of time. In this paper, we propose a technique that detects an unknown attack using an event log without prior knowledge, although the initial response failed with anti-virus. The proposed technology uses a combination of AutoEncoder and 1D CNN (1-Dimention Convolutional Neural Network) based on semi-supervised learning. The experiment trained a dataset collected over a month in a real-world commercial endpoint environment, and tested the data collected over the next month. As a result of the experiment, 37 unknown attacks were detected in the event log collected for one month in the actual commercial endpoint environment, and 26 of them were verified as malicious through VirusTotal (VT). In the future, it is expected that the proposed model will be applied to EDR technology to form a secure endpoint environment and reduce time and labor costs to effectively detect unknown attacks.

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.374-381
• /
• 2022

The article identifies and theoretically substantiates the trends of national resilience in the context of establishing the security of the country and its civilizational subjectivity. The strategy of development of the pedagogical university in the conditions of European integration into the European educational and scientific space based on certain characterological features of the personality of the volunteer in the context of allocation of personal resilience is developed. The analysis of both external and internal challenges and threats to the civilization of the country needs to be understood in the context of economic, socio-political, legal, military-political, spiritual-cultural, educational-scientific and network-information resilience. The concepts of "national resilience" and "national security" are quite close - at first glance, even identical. However, a deeper understanding clarifies the differences: national security is a state of protection of the country identity and its very existence, the realization of its national interests. In turn, resilience is a fairly effective strategy and a fundamental guarantee of national security. At the same time, it is extremely important to understand that both national security as a state and national resilience as a strategy are only means of achieving and developing a strong and humanistic civilizational subjectivity of the country. After all, such subjectivity opens for citizens the opportunity for development, dignified self-realization and a proper life. The restructuring of the volunteer's motivational sphere is due to the dominance of such leading motives, which are focused mainly on maintaining and restoring health, which leads to distorted meaningful life goals: isolation, alienation, passivity, inertia, reduced activity, limited communication, etc. The characteristics of relatively stable human behavior include several primary and secondary properties. The primary (relevant) properties include patience, trust, hope, faith, confidence, determination, perseverance, and love; the secondary - punctuality, neatness, obedience, honesty, loyalty, justice, diligence, thrift, accuracy, conscientiousness, obligation, etc. The restructuring of the volunteer's motivational sphere is due to the dominance of such leading motives, which are focused mainly on maintaining and restoring health, which leads to distorted meaningful life goals: isolation, alienation, passivity, inertia, reduced activity, limited communication, etc. The characteristics of relatively stable human behavior include several primary and secondary properties. The primary (relevant) properties include patience, trust, hope, faith, confidence, determination, perseverance, and love; the secondary - punctuality, neatness, obedience, honesty, loyalty, justice, diligence, thrift, accuracy, conscientiousness, obligation, etc. The use of information and communication technologies in volunteering will contribute to the formation of resilience traits in the structure of personality formation. Directly to the personal traits of resilience should be included methodological competencies, which include methodological knowledge, skills and abilities (ability to define ultimate and intermediate goals, plan, conduct and analyze knowledge, establish and implement interdisciplinary links with disciplines of medical-psychological-pedagogical cycles, etc.). All these competencies form the professional resilience of the volunteer.

• Journal of Digital Contents Society
• /
• v.19 no.8
• /
• pp.1515-1525
• /
• 2018

Security threats in the 4th Industrial Revolution have expanded to the issue of safety, but the environment for information security of domestic companies is still at a low level. This study aims to propose policy implications by empirically analyzing factors affecting investment intention. We investigated the state of information security and protection behavior and expanded UTAUT to investigate correlations. The results showed that information assets affect facilitating conditions, and perceived and new concerns have impacts on social influence. Social influence affect experience and habits, but the impact on security investment intentions was rejected. Facilitation conditions, previous experiences and habits have great influences on investment intention, new service security investment intention. The influence of perceived and new concern are low or rejected. There are moderating effects between types of business, size, security organization, experience of infringement, security personnel ratio, and personal information collection. This study will help to establish policies for enhancing the level of information security.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.328-330
• /
• 2022

Currently, the Metaverse is introduced in various fields, and a virtual convergence economy that uses NFTs for content or item transactions is expected to develop into a 'metaverse environment'. The 'metaverse environment' will lead the changes in our society in the future and it will be fused with AI, big data, cloud, IoT, block chain, and next-generation network technology. However, personal information, device information, and behavior information provided by Metaverse users to use the service are subject to major attacks. Therefore, in order to provide a safe environment for users to use and to expand the business base of related companies, building a public-private cooperation system and developing a security guide are the leading tasks. Therefore, in this study, we compare and analyze metaverse features and technologies, and examine possible security threats and countermeasures.

• Asia pacific journal of information systems
• /
• v.13 no.1
• /
• pp.141-170
• /
• 2003

This study investigates internet shopping behavior of consumers. The rapid growth of the internet shopping markets is solely dependent on the voluntary adoption of internet shopping medium by the personal users. But the studies on this topic are very limited. Based on these facts, this study, recognizing the internet shopping medium as an innovation, studies how consumers understand and use innovative internet shopping medium by applying and extending the technology acceptance model proposed by Davis et. al.(1989). The results of the survey on 947 consumer panel reveal that compatibility, system quality have positive impact on the formation of perceived ease of use. And it is also shown that the perceived ease of use, system quality, and compatibility have positive influence on perceived usefulness, but computer-efficacy has no effect on perceived usefulness. Meanwhile, it is confirmed that perceived usefulness and compatibility have positive effect on attitude toward internet shopping behavior, but perceived ease of use has no effect. In addition, perceived security and social norm, as opposed to the hypotheses, are shown to have no effect on internet shopping behavior. Lastly, applications and related limitations are discussed.

• Informatization Policy
• /
• v.31 no.2
• /
• pp.82-104
• /
• 2024

Smart home services are growing rapidly as the development of the Internet of Things (IoT) opens the era of the so-called "Connected Living." Although personal information leaks through smart home cameras are increasing, however, users-while concerned-tend to take passive measures to protect their personal information. This study theoretically explained and verified how to design effective software update notification messages for smart home cameras to ensure that users comply with the recommended security behavior (i.e., update installation). In a survey experiment participated in by 120 actual users, the effectiveness of both emotional appeals (i.e., security breach warning images for fear appeals) and rational appeals (i.e., loss-framed messages emphasizing the negative consequences of not installing the updates) were confirmed. The results of this study provide theoretical interpretations and practical guidelines on the message design features that are effective for threat appraisals (i.e., severity, vulnerability) of smart home camera users and their protection motivation.